Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Supported by

Upload error (jsPsych experiment) on university JATOS server (v3.5.2)

Our university has a JATOS server (v3.5.2) which we can use to run our experiments, but since a few days I get an error when trying to upload a jsPsych experiment. The error I get is: "You are not allowed to access this page. Please log in" (see attached screen shot), but I'm clearly logged in. I did not have any issues with uploading other jsPsych experiments before (including a pilot version of the experiment I'm currently trying to upload) and on my local JATOS server everything works fine as well. Anything I can do on my end to get rid of the error and upload my experiment?



Comments

  • Hi Marita,

    That's odd. The error message is clearly wrong. Just to be sure, can you please try:

    • In your local JATOS, clone the study (on the study bar, go to more -> clone)
    • Export the clone
    • Try to import it on your server.

    The reason I'm suggesting this is that perhaps you have another study with the same UUID (identifier) on the same server but from a different user. Cloning it would give you a new UUID. Let us know if that doesn't work.

    Best

    Elisa

  • Another idea: JATOS needs browser cookies to function. Is there a possibility that you deactivated cookies? You can try with another browser to be sure.

  • Hi both,

    Tried both suggestions, but alas.

    Still get the error with a clone version of the experiment. Just to check: wouldn't deleting an experiment from my account also completely delete it from the server hosted by my university? At least, that's what I assumed given the behaviour of my local server. So there shouldn't be any identical UUIDs, correct?

    I also checked whether my cookies were deactivated and tried in a different browser, but still no luck.

    I just tried uploading an example study (the Go/NoGo study), but that also doesn't work, but I have no problems uploading that example study on my local server. I have a feeling it has something to do with the settings on my uni's server end. Any suggestions what the issue might be so I can ask them to fix it? Or is it a known issue with v3.5.2? Perhaps asking them to update to v3.5.5 will solve the issue (my local server runs on v3.5.5)?

    Thanks!

  • Hi Marita,

    That's unfortunate. First to get your questions out of the way:

    Just to check: wouldn't deleting an experiment from my account also completely delete it from the server hosted by my university?

    If 'deleting from my account' means deleting it while you are on your university's JATOS, then yes. But if you just delete your study on your local JATOS then this doesn't automatically delete the study on your university's JATOS.

    So there shouldn't be any identical UUIDs, correct?

    Not sure I understand. A problem with identical UUIDs usually happens if one takes an existing study and just alters it until it is a new study. Problem here is that this study still has the UUID of the old study and importing it to another JATOS where the old study exists, leads to this UUID collision error. The easy solution for this is to clone the study (it gives it a new UUID). I don't I answered your question here - but I leave this here for others that might have this problem :D

    Or is it a known issue with v3.5.2? Perhaps asking them to update to v3.5.5 will solve the issue (my local server runs on v3.5.5)?

    Not that I'm aware of. I just looked again at the commits and couldn't find any changes that would cause such behavior: so I'm pretty confident that your JATOS version is not the cause.

    I just tried uploading an example study (the Go/NoGo study), but that also doesn't work, but I have no problems uploading that example study on my local server. I have a feeling it has something to do with the settings on my uni's server end.

    I have the same feeling. Problem is there can be many causes (and JATOS error message doesn't help here either (sorry for that - I'll try to improve this)).

    • What does the JATOS test page say: my-jatos-url/jatos/test - everything OK?
    • Do you know any other user of your remote JATOS? Do they have the same problem?
    • What is the exact URL you are trying to open in your browser ( I just need the path - domain is not important)?
    • If you click on another non-study page in your remote JATOS: Does it work or do you get the same error?

    Best,

    Kristian

  • edited July 2020

    Hi Kristian,

    If 'deleting from my account' means deleting it while you are on your university's JATOS, then yes. But if you just delete your study on your local JATOS then this doesn't automatically delete the study on your university's JATOS.

    Yes, I meant on my university's JATOS (excuse my phrasing). That also kind of answers the UUID question. I've deleted all previous versions of this experiment from my university's JATOS, so there shouldn't be any identical UUID (plus, cloning also didn't help, so I don't think it's an UUID issue).

    I have the same feeling. Problem is there can be many causes (and JATOS error message doesn't help here either (sorry for that - I'll try to improve this)).

    What does the JATOS test page say:  - everything OK?

    Do you know any other user of your remote JATOS? Do they have the same problem?

    What is the exact URL you are trying to open in your browser ( I just need the path - domain is not important)?

    If you click on another non-study page in your remote JATOS: Does it work or do you get the same error?

    Don't know why I didn't think to look there before, but I had a look at the test page as you suggested and it does give me a warning. It says "WARN (wrong protocol)" at "Correct URL host". Plus, I also quickly checked the developers tools and that also gives me an error:

    I've asked a colleague to check whether he has any issues with the server, so we'll see what he says. But looking at these warning/error message, I'm assuming it's on the host server side.

    Forgot to mention this, but the problem actually already start with trying to log in. Sometimes I need to log in 4 or 5 times before I'm even logged in.

    Best, Marita

  • Dear Marita (and others),


    I have the same issue. I'm logged in to the JATOS server at the university of groningen, and after going to 10 or so different pages, I will get similar messages asking to log in, even though on the top right I can clearly see my username being displayed since I am logged in.


    Best

    Jelle

  • edited July 2020

    I'm not sure if your comment was also about the RUG servers, I have contacted someone at the Instrumentatiedienst to ask about the error. Hopefully it's just a server-side thing that can be fixed easily.

  • Forgot to mention this, but the problem actually already start with trying to log in. Sometimes I need to log in 4 or 5 times before I'm even logged in.

    Okay, this sounds like there is something wrong with the proxy setting. I'd suggest to tell your IT people to check the proxy's settings. Probably they use Apache or Nginx. The docs have pages for those: http://www.jatos.org/JATOS-with-Nginx.html and http://www.jatos.org/JATOS-with-Apache.html)

    Btw. those 'DevTools failed to load SourceMap ...' you can safely ignore. They don't even originate in JATOS - they come from browser extensions that you are using in your browser. And they only say that some source code couldn't be loaded in the 'pretty' version - but everything is still functional.

    Best

    Kristian

  • I'm not sure if your comment was also about the RUG servers, I have contacted someone at the Instrumentatiedienst to ask about the error. Hopefully it's just a server-side thing that can be fixed easily.

    Yep, was talking about the RUG server as well. Great! Could you keep me posted about their responses/fixes?

    Okay, this sounds like there is something wrong with the proxy setting. I'd suggest to tell your IT people to check the proxy's settings. Probably they use Apache or Nginx. The docs have pages for those: http://www.jatos.org/JATOS-with-Nginx.html and http://www.jatos.org/JATOS-with-Apache.html)

    @JelleStudentRug If they don't know where to look, we can suggest this?

    Btw. those 'DevTools failed to load SourceMap ...' you can safely ignore. They don't even originate in JATOS - they come from browser extensions that you are using in your browser. And they only say that some source code couldn't be loaded in the 'pretty' version - but everything is still functional.

    Yes, that is a standard error I always get and ignore :) The failed to load error is a bit more problematic though, but hopefully that'll be fixed with the proxy settings. Thanks for your suggestions!

    - Marita

  • They upgraded to v3.5.5 and everything works fine now :) Thanks for your suggestions @elisa / @kri and thanks for checking with RUG IT people @JelleStudentRug!

  • Hi all, we're trying to upgrade from v3.3.3 to v3.6.1 on Nginx and we're having a lot of the same problems described here. Specifically, I get the "You are not allowed to access this page. Please log in" message when trying to import old (v3.3.3) studies on the new JATOS instance, even if the study has been cloned locally and thus should have a unique UUID.

    I'm also getting very frequent automatic log-outs and 502 Bad Gateway errors.

    @MaritaEverhardt said that this was fixed by upgrading to v3.5.5, but it seems odd that this upgrade alone would solve the problem, since we're upgrading to a later version (3.6.1). Plus @kri said he went through the commits and couldn't find a reason why the problem would be solved by upgrading.

    I also saw these posts about 502 errors:

    And it sounds like these problems were solved by restarting the server or increasing storage space.

    I'll try these things, but wanted to follow up here in case someone figured this out and can point me in the right direction (permissions issues, proxy settings, etc.) before I go too far down the wrong track. Thanks!

  • Hi Becky!

    I have some thoughts about your problem:

    we're trying to upgrade from v3.3.3 to v3.6.1

    Why not the latest JATOS version 3.7.4? I'm just curious.

    Specifically, I get the "You are not allowed to access this page. Please log in" message when trying to import old (v3.3.3) studies on the new JATOS instance, even if the study has been cloned locally and thus should have a unique UUID.

    This error message ("You are not allowed ...") only happens if one is not authenticated (logged-in). You also say that you get frequent automatic log-outs. Somehow your user gets logged-out all the time. JATOS uses a cookie called PLAY_SESSION to store its session. Is maybe something messing with this cookie, deleting it? I'd suggest to delete all cookies and log-in again. Then check if the cookie stays.

    Also try to set jatos.userSession.validation to false in the production.conf (it's the default but maybe you activated it). This causes that a user can only use JATOS from the same IP and if the IP changes one gets logged-out. This is an additional security feature but can lead to the symptoms you have described.

    The 502 Bad Gateway errors hint at that JATOS is not available at the moment. This can have many reasons. Maybe it crashed. You already said that you will look into increasing memory and or storage space. But usually you find hints about what went wrong in JATOS' application.log.

    Best,

    Kristian

  • Thanks for the quick response @Kri! I'll look into all of these things and get back to you here if we figure it out.

    Why not the latest JATOS version 3.7.4? I'm just curious.

    Good question. 3.6.1 was the latest version when we decided to upgrade ages ago (before I went on maternity leave) and I had already gone through all of the release notes to make sure that we won't have any compatibility issues, so now we're just trying to finish that same upgrade. Once we work out the problems with this upgrade, I'll go back through the release notes for v3.6.1+ and we'll upgrade again using very handy the upgrading tool on the GUI admin page :)

  • This error message ("You are not allowed ...") only happens if one is not authenticated (logged-in). You also say that you get frequent automatic log-outs. Somehow your user gets logged-out all the time. JATOS uses a cookie called PLAY_SESSION to store its session. Is maybe something messing with this cookie, deleting it? I'd suggest to delete all cookies and log-in again. Then check if the cookie stays.

    Yes you're right, there's something that removes the PLAY_SESSION cookie, usually after one or a few requests. I tried deleting all cookies in the browser and logging in again, but it's still happening. I'm I right in thinking that these settings below are the only ones in the JATOS config that should affect the session authentication?

    jatos.userSession.timeout = 1440
    jatos.userSession.inactivity = 60
    jatos.userSession.validation = true
    play.http.session.secure = true
    

    I'll try setting jatos.userSession.validation to false and see if that helps.

    The 502 Bad Gateway errors hint at that JATOS is not available at the moment. This can have many reasons. Maybe it crashed. You already said that you will look into increasing memory and or storage space. But usually you find hints about what went wrong in JATOS' application.log.

    We don't think it's a memory issue, but tried upping them anyway and that didn't fix it. Would we see a particular error if JATOS ran out of memory or space? I didn't see anything in JATOS' application log. There are some warnings in JATOS' loader log but it's hard to tell if they're relevant.

    Also not sure if this is relevant: the site is served over HTTPS but the browsers show a 'connection not secure' warning because of a self-signed certificate (this will be fixed later).

  • edited June 29

    And a few screenshots that might be relevant:

    Please let me know if you have any thoughts about what's happening here, or what we could try changing to fix the frequent log-outs and 502 errors.

  • Hi Becky,

    Yes you're right, there's something that removes the PLAY_SESSION cookie, usually after one or a few requests. I tried deleting all cookies in the browser and logging in again, but it's still happening.

    Does this happen with all users the same? I'm trying to wrap my head around what is going on here. Apart from something deleting the PLAY_SESSION cookie, it could be corrupted user data in the database due to the upgrade (although I've never heard about such thing before).

    I'm I right in thinking that these settings below are the only ones in the JATOS config that should affect the session authentication?

    Yes. The first to define auto-logout times (in minutes) and the last one says that only HTTPS is allowed. I would recommend to deactivate jatos.userSession.validation. This adds an extra layer of security by checking the calling IP address. But this can lead to problems in certain networks. By default it's 'false'.

    We don't think it's a memory issue, but tried upping them anyway and that didn't fix it. Would we see a particular error if JATOS ran out of memory or space?

    Usually Java's OutOfMemoryError.

    There are some warnings in JATOS' loader log but it's hard to tell if they're relevant.

    What do they say?

    Also not sure if this is relevant: the site is served over HTTPS but the browsers show a 'connection not secure' warning because of a self-signed certificate (this will be fixed later).

    This is normal behavior if you use a self-signed certificate and should vanish as soon as you get a valid certificate.

    And about your screenshots:

    Play session cookie) looks fine

    Play flash warnings) They are just warnings and do not affect your JATOS right now. Newer version of JATOS deal with them and they do not occur anymore.

    SessionTimeoutChecker.js) That one is strange. The Content-Type should be application/javascript and not text/html. This seems to be the reason why it's not loaded. But anyway, although it is related to the auto-logout it does not actually log-out a user - it is responsible for showing the pop-up with "You have been logged out due to ...". So if your browser can't load you still get logged out (as configured in the config), but you won't see a pop-up telling you about it.

    Strict-transport-security) warning probably because you have a self-signed cert - ignore

    Best,

    Kristian

Sign In or Register to comment.

agen judi bola , sportbook, casino, togel, number game, singapore, tangkas, basket, slot, poker, dominoqq, agen bola. Semua permainan bisa dimainkan hanya dengan 1 ID. minimal deposit 50.000 ,- bonus cashback hingga 10% , diskon togel hingga 66% bisa bermain di android dan IOS kapanpun dan dimana pun. poker , bandarq , aduq, domino qq , dominobet. Semua permainan bisa dimainkan hanya dengan 1 ID. minimal deposit 10.000 ,- bonus turnover 0.5% dan bonus referral 20%. Bonus - bonus yang dihadirkan bisa terbilang cukup tinggi dan memuaskan, anda hanya perlu memasang pada situs yang memberikan bursa pasaran terbaik yaitu http://45.77.173.118/ Bola168. Situs penyedia segala jenis permainan poker online kini semakin banyak ditemukan di Internet, salah satunya TahunQQ merupakan situs Agen Judi Domino66 Dan BandarQ Terpercaya yang mampu memberikan banyak provit bagi bettornya. Permainan Yang Di Sediakan Dewi365 Juga sangat banyak Dan menarik dan Peluang untuk memenangkan Taruhan Judi online ini juga sangat mudah . Mainkan Segera Taruhan Sportbook anda bersama Agen Judi Bola Bersama Dewi365 Kemenangan Anda Berapa pun akan Terbayarkan. Tersedia 9 macam permainan seru yang bisa kamu mainkan hanya di dalam 1 ID saja. Permainan seru yang tersedia seperti Poker, Domino QQ Dan juga BandarQ Online. Semuanya tersedia lengkap hanya di ABGQQ. Situs ABGQQ sangat mudah dimenangkan, kamu juga akan mendapatkan mega bonus dan setiap pemain berhak mendapatkan cashback mingguan. ABGQQ juga telah diakui sebagai Bandar Domino Online yang menjamin sistem FAIR PLAY disetiap permainan yang bisa dimainkan dengan deposit minimal hanya Rp.25.000. DEWI365 adalah Bandar Judi Bola Terpercaya & resmi dan terpercaya di indonesia. Situs judi bola ini menyediakan fasilitas bagi anda untuk dapat bermain memainkan permainan judi bola. Didalam situs ini memiliki berbagai permainan taruhan bola terlengkap seperti Sbobet, yang membuat DEWI365 menjadi situs judi bola terbaik dan terpercaya di Indonesia. Tentunya sebagai situs yang bertugas sebagai Bandar Poker Online pastinya akan berusaha untuk menjaga semua informasi dan keamanan yang terdapat di POKERQQ13. Kotakqq adalah situs Judi Poker Online Terpercayayang menyediakan 9 jenis permainan sakong online, dominoqq, domino99, bandarq, bandar ceme, aduq, poker online, bandar poker, balak66, perang baccarat, dan capsa susun. Dengan minimal deposit withdraw 15.000 Anda sudah bisa memainkan semua permaina pkv games di situs kami. Jackpot besar,Win rate tinggi, Fair play, PKV Games